From da88beb1f5b31755bacd32a2f3cb2dbf4f443f97 Mon Sep 17 00:00:00 2001
From: Joe Au-Yeung <j.auyeung419@gmail.com>
Date: Thu, 6 Oct 2022 15:06:07 -0400
Subject: [PATCH] Fix type errors

---
 lib/validations/schedule.ts  |  8 ++++++++
 pages/api/schedules/[id].ts  |  8 ++++++--
 pages/api/schedules/index.ts | 27 +++++++++++++++++++--------
 3 files changed, 33 insertions(+), 10 deletions(-)

diff --git a/lib/validations/schedule.ts b/lib/validations/schedule.ts
index 32edcdae63..229ab5a14b 100644
--- a/lib/validations/schedule.ts
+++ b/lib/validations/schedule.ts
@@ -11,6 +11,14 @@ const schemaScheduleRequiredParams = z.object({
 
 export const schemaScheduleBodyParams = schemaScheduleBaseBodyParams.merge(schemaScheduleRequiredParams);
 
+export const schemaSingleScheduleBodyParams = schemaScheduleBaseBodyParams.merge(
+  z.object({ userId: z.number().optional() })
+);
+
+export const schemaCreateScheduleBodyParams = schemaScheduleBaseBodyParams.merge(
+  z.object({ userId: z.number().optional(), name: z.string() })
+);
+
 export const schemaSchedulePublic = z
   .object({ id: z.number() })
   .merge(Schedule)
diff --git a/pages/api/schedules/[id].ts b/pages/api/schedules/[id].ts
index f92392fa3f..adc26e7b6d 100644
--- a/pages/api/schedules/[id].ts
+++ b/pages/api/schedules/[id].ts
@@ -2,7 +2,7 @@ import type { NextApiRequest, NextApiResponse } from "next";
 
 import { withMiddleware } from "@lib/helpers/withMiddleware";
 import type { ScheduleResponse } from "@lib/types";
-import { schemaScheduleBodyParams, schemaSchedulePublic } from "@lib/validations/schedule";
+import { schemaSingleScheduleBodyParams, schemaSchedulePublic } from "@lib/validations/schedule";
 import {
   schemaQueryIdParseInt,
   withValidQueryIdTransformParseInt,
@@ -13,7 +13,11 @@ export async function scheduleById(
   res: NextApiResponse<ScheduleResponse>
 ) {
   const safeQuery = schemaQueryIdParseInt.safeParse(query);
-  const safeBody = schemaScheduleBodyParams.safeParse(body);
+  const safeBody = schemaSingleScheduleBodyParams.safeParse(body);
+  if (!safeBody.success) {
+    res.status(400).json({ message: "Bad request" });
+    return;
+  }
 
   if (safeBody.data.userId && !isAdmin) {
     res.status(401).json({ message: "Unauthorized" });
diff --git a/pages/api/schedules/index.ts b/pages/api/schedules/index.ts
index b486431440..7380a4faa2 100644
--- a/pages/api/schedules/index.ts
+++ b/pages/api/schedules/index.ts
@@ -4,15 +4,26 @@ import { getAvailabilityFromSchedule, DEFAULT_SCHEDULE } from "@calcom/lib/avail
 
 import { withMiddleware } from "@lib/helpers/withMiddleware";
 import { ScheduleResponse, SchedulesResponse } from "@lib/types";
-import { schemaScheduleBodyParams, schemaSchedulePublic } from "@lib/validations/schedule";
+import {
+  schemaScheduleBodyParams,
+  schemaSchedulePublic,
+  schemaCreateScheduleBodyParams,
+} from "@lib/validations/schedule";
 
 async function createOrlistAllSchedules(
   { method, body, userId, isAdmin, prisma }: NextApiRequest,
   res: NextApiResponse<SchedulesResponse | ScheduleResponse>
 ) {
-  const safeBody = schemaScheduleBodyParams.safeParse(body);
+  const safe = schemaScheduleBodyParams.safeParse(body);
 
-  if (safeBody.data.userId && !isAdmin) {
+  if (!safe.success) {
+    res.status(400).json({ message: "Bad request" });
+    return;
+  }
+
+  const safeBody = safe.data;
+
+  if (safeBody.userId && !isAdmin) {
     res.status(401).json({ message: "Unauthorized" });
     return;
   } else {
@@ -34,14 +45,13 @@ async function createOrlistAllSchedules(
        *         description: No schedules were found
        */
 
-      const userIds = Array.isArray(safeBody.data.userId)
-        ? safeBody.data.userId
-        : [safeBody.data.userId || userId];
+      const userIds = Array.isArray(safeBody.userId) ? safeBody.userId : [safeBody.userId || userId];
 
       const data = await prisma.schedule.findMany({
         where: {
           userId: { in: userIds },
         },
+        include: { availability: true },
         ...(Array.isArray(body.userId) && { orderBy: { userId: "asc" } }),
       });
       const schedules = data.map((schedule) => schemaSchedulePublic.parse(schedule));
@@ -69,7 +79,7 @@ async function createOrlistAllSchedules(
        *       401:
        *        description: Authorization information is missing or invalid.
        */
-      const safe = schemaScheduleBodyParams.safeParse(body);
+      const safe = schemaCreateScheduleBodyParams.safeParse(body);
       if (body.userId && !isAdmin) {
         res.status(401).json({ message: "Unauthorized" });
         return;
@@ -79,10 +89,11 @@ async function createOrlistAllSchedules(
         res.status(400).json({ message: "Invalid request body" });
         return;
       }
+
       const data = await prisma.schedule.create({
         data: {
           ...safe.data,
-          userId: body.userId && isAdmin ? body.userId : userId,
+          userId: safe.data.userId || userId,
           availability: {
             createMany: {
               data: getAvailabilityFromSchedule(DEFAULT_SCHEDULE).map((schedule) => ({